Security & Fraud

Another 2.2M Patients’ Data Exposed In AMCA Data Breach

2.2M Patients’ Data Exposed In AMCA Data Breach

Clinical Pathology Laboratories (CPL) is the latest victim of a data security breach at the billing collections service American Medical Collection Agency (AMCA).

Some 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen, CPL said in a press release.

CPL learned of the breach involving the AMCA payment website after being contacted by the company. The incident is limited to the AMCA’s systems.

As an independent collection agency, the AMCA is used for debt collection by CPL, as well as other labs and healthcare providers. The security of CPL’s systems was not affected by the incident, the release indicated.

Austin, Texas-based CPL said in the release that it blames the AMCA for not providing more details when the breach was initially discovered in May. Although the AMCA notified CPL about the incident at that time, it wasn’t enough to identify potentially affected patients or to confirm the nature of patient information potentially involved.

CPL noted that they take the security of its patients’ information very seriously, including the security of data handled by vendors. CPL is no longer using the AMCA for collection efforts and is conducting its own investigation.

The AMCA’s eight-month breach was first disclosed in June when news broke that 11.9 million Quest Diagnostics and UnitedHealth Group patient records were exposed. Days later, 7.7 million LabCorp customers were compromised.

The AMCA has advised CPL that patients’ Social Security numbers were not involved in the incident. CPL said it does not provide the AMCA with healthcare records such as laboratory results and clinical history.

In response to the breach, the AMCA sent notification letters to approximately 34,500 CPL patients. In addition, based on AMCA’s investigation and other information it provided, CPL estimated that approximately another 2.2 million patients may have been affected by the incident.

The impact of this incident is limited to patients whose accounts were referred for debt collection and who reside in the United States.


Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.


To Top